I’m posting the following more for my own benefit and reference than anything else…Correct syntax for SSH and SFTP on Ubuntu on irregular ports: (replace items in < > with your stuff, without the < >)
Source: Slashdot.org - Posted by Benjamin D. Thomas
Mark Osborne doesn't like auditors. In fact, after reading this book, one gets the feeling he despises them. Perhaps he should have titled this book 'How I learned to stop worrying and hate auditors'. Of course, that is not the main theme of How to Cheat at Managing Information Security, but Osborne never hides his feeling about auditors, which is not necessarily a bad thing. In fact, the auditor jokes start in the preface, and continue throughout the book.
The subtitle of the book is 'Straight talk from the loud-fat-bloke who protected Buckingham Palace and ran KPMG's security practice'. Essentially, the book is Osborne's reminiscence of his years in information security; including the good, the bad, and more often then not, the ugly.
This is the second part of the introduction to FireHOL article . It covers more advanced topics that you might find useful, such as defining new services, selective filtering, and NAT. I suggest you read the first part of the article if you haven’t done so. FireHOL by default comes with a large number of predefined services, including http, https, dhcp, icmp, samba, snmp, syslog, telnet, ssh, and so on. A complete list can be found here. However, if run application that does not exists in FireHOL service list, it’s very easy to add one.
Having firewall is one of the steps you can take to make sure that you machine is a little bit secure. This is achieved by opening access only to application or ports that you explicitly allow, and blocking the rest. This for me is a good practice, although some people might argue otherwise. For my Linux machines, I prefer to use FireHOL. FireHOL is not a firewall on its own, but a shell wrapper for Linux iptables firewall. It allows you to configure iptables rules in a descriptive, easy to understand language.
Source: FreeSoftwareMag - Posted by Benjamin D. Thomas
Good security is the basis of any viable website. With the internet being the most public of places, broken systems cost—money, reputations and possibly customer identities are the currency. Pro PHP Security, published by Apress and written by Chris Snyder and Michael Southwell, is a detailed and authoritive account of the security details that effect a successful deployment of a PHP website. The book ranges from the almost theoretical to the highly practical such as SQL injection attack hardening and validating user input. If you are a newbie programmer or a serious practitioner, you may still find highly relevant comfort and detail in the book. There may be monsters waiting in the dark.
Source: Techworld.com - Posted by Vincenzo Ciaglia
If you were to line up a hub, a switch and a router next to one another, at first glance you might think they look pretty much the same. While they do have some basic functionality in common, they are in fact very different beasts. If you can't tell your routers from your hubs, please read on -- this column is for you.
Researchers at Sandia National Laboratories have released a paper on a technique they have developed for passively fingerprinting wireless device drivers (PDF link below). The researchers comment, "This technique is valuable to an attacker wishing to conduct reconnaissance against a potential target so that he may launch a driver-specific exploit."
Today, Wi-Fi access points everywhere, and users becoming increasingly more sophisticated in their wireless network knowledge. One good tool for discovering Wi-Fi access points is a command-line utility called Kismet. It can help with a range of issues, from diagnosing Wi-Fi interference problems to finding a particular network in a sea of airborne bits.
OpenVPN is a tried and true VPN solution. It's totally secure and infinitely configurable. You can install and run this software without relying on a third party, but the fact that it’s open source and free is what really makes it stand out. OpenVPN can be a little daunting to configure the first time you jump into it, but once you get your configuration worked out, it’s a pleasure to use. After you have the software running on your network, it’s possible to seamlessly perform a great number of tasks. One of the most popular and practical uses for OpenVPN is its ability to enable secure surfing and home network access—whether you're out traveling or you're on an open wifi access point. It can also be used to connect separate remote networks together into one large network that is fully routable. As you can see, there’s really no limit to what you can do with OpenVPN.
Watching the news these past few weeks, you would think that hackers have taken over our cellphones. From the Paris Hilton phone hack (which was not Bluetooth-based), to the unintentional release of Fred Durst's (from the band Limp Bizkit) sex video - Wireless security has been thrust into the limelight. The proliferation of Bluetooth devices has made wireless communications easy and the Bluetooth group wants you to believe that this technology is safe from hackers. However, the guys from Flexilis, a wireless think-tank based in Los Angeles, beg to differ and they have a big freakin gun to "voice" their opinions.
